New Defects reported by Coverity Scan for LibreOffice
scan-admin at coverity.com
scan-admin at coverity.com
Mon Dec 22 09:34:14 PST 2014
Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
8 new defect(s) introduced to LibreOffice found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1260295: Wrong operator used (CONSTANT_EXPRESSION_RESULT)
/vcl/source/window/builder.cxx: 1660 in VclBuilder::makeObject(vcl::Window *, const rtl::OString &, const rtl::OString &, std::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<const rtl::OString, rtl::OString>>> &)()
** CID 1260296: Unchecked dynamic_cast (FORWARD_NULL)
/sw/source/uibase/misc/redlndlg.cxx: 146 in SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *, vcl::Window *, bool)()
** CID 1260301: Using invalid iterator (INVALIDATE_ITERATOR)
/sc/source/filter/oox/unitconverter.cxx: 232 in oox::xls::UnitConverter::calcErrorString(unsigned char) const()
** CID 1242381: Don't call (DC.WEAK_CRYPTO)
/usr/include/boost/uuid/seed_rng.hpp: 143 in boost::uuids::detail::seed_rng::sha1_random_digest_()()
** CID 1260333: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 436 in ExcelToSc8::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
** CID 1260323: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 435 in ExcelToSc8::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
** CID 1260332: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 470 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
** CID 1260325: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 471 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
________________________________________________________________________________________________________
*** CID 1260295: Wrong operator used (CONSTANT_EXPRESSION_RESULT)
/vcl/source/window/builder.cxx: 1660 in VclBuilder::makeObject(vcl::Window *, const rtl::OString &, const rtl::OString &, std::map<rtl::OString, rtl::OString, std::less<rtl::OString>, std::allocator<std::pair<const rtl::OString, rtl::OString>>> &)()
1654 return NULL; // no widget to be created
1655 }
1656 }
1657 else if (name == "GtkWindow")
1658 {
1659 WinBits nBits = extractDeferredBits(rMap);
>>> CID 1260295: Wrong operator used (CONSTANT_EXPRESSION_RESULT)
>>> "nBits | 536870912L /* (WinBits)536870912L */" is always 1/true regardless of the values of its operand. This occurs as the logical operand of if.
1660 if (nBits | WB_DOCKABLE)
1661 pWindow = new DockingWindow(pParent, nBits|WB_MOVEABLE);
1662 else
1663 pWindow = new FloatingWindow(pParent, nBits|WB_MOVEABLE);
1664 }
1665 else
________________________________________________________________________________________________________
*** CID 1260296: Unchecked dynamic_cast (FORWARD_NULL)
/sw/source/uibase/misc/redlndlg.cxx: 146 in SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *, vcl::Window *, bool)()
140 {
141 delete pImplDlg;
142 }
143
144 SwRedlineAcceptDlg::SwRedlineAcceptDlg(vcl::Window *pParent, vcl::Window *pContentArea, bool bAutoFmt) :
145 pParentDlg (pParent),
>>> CID 1260296: Unchecked dynamic_cast (FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast <VclBuilderContainer *>(pParent)" can return "NULL".
146 aTabPagesCTRL (pContentArea, dynamic_cast<VclBuilderContainer*>(pParent)),
147 aPopup (SW_RES(MN_REDLINE_POPUP)),
148 sInserted (SW_RES(STR_REDLINE_INSERTED)),
149 sDeleted (SW_RES(STR_REDLINE_DELETED)),
150 sFormated (SW_RES(STR_REDLINE_FORMATED)),
151 sTableChgd (SW_RES(STR_REDLINE_TABLECHG)),
________________________________________________________________________________________________________
*** CID 1260301: Using invalid iterator (INVALIDATE_ITERATOR)
/sc/source/filter/oox/unitconverter.cxx: 232 in oox::xls::UnitConverter::calcErrorString(unsigned char) const()
226 if (aIt->second == nErrorCode)
227 return aIt->first;
228 if (aIt->second == BIFF_ERR_NA)
229 iFail = aIt;
230 }
231 assert(iFail != maOoxErrCodes.end()); // BIFF_ERR_NA really should be in the map..
>>> CID 1260301: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "iFail" though it is already past the end of its container.
232 return iFail->first;
233 }
234
235 void UnitConverter::addErrorCode( sal_uInt8 nErrorCode, const OUString& rErrorCode )
236 {
237 maOoxErrCodes[ rErrorCode ] = nErrorCode;
________________________________________________________________________________________________________
*** CID 1242381: Don't call (DC.WEAK_CRYPTO)
/usr/include/boost/uuid/seed_rng.hpp: 143 in boost::uuids::detail::seed_rng::sha1_random_digest_()()
137 {
138 std::clock_t ck = std::clock();
139 sha.process_bytes( (unsigned char const*)&ck, sizeof( ck ) );
140 }
141
142 {
>>> CID 1242381: Don't call (DC.WEAK_CRYPTO)
>>> "rand()" should not be used for security related applications, as linear congruential algorithms are too easy to break.
143 unsigned int rn[] =
144 { static_cast<unsigned int>(std::rand())
145 , static_cast<unsigned int>(std::rand())
146 , static_cast<unsigned int>(std::rand())
147 };
148 sha.process_bytes( (unsigned char const*)rn, sizeof( rn ) );
________________________________________________________________________________________________________
*** CID 1260333: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 436 in ExcelToSc8::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
430 aStack << aPool.Store( fDouble );
431 break;
432 case 0x40:
433 case 0x60:
434 case 0x20: // Array Constant [317 268]
435 nByte = aIn.ReaduInt8();
>>> CID 1260333: Unused value (UNUSED_VALUE)
>>> Value from "aIn->ReaduInt16()" is assigned to "nUINT16" here, but that stored value is not used before it is overwritten.
436 nUINT16 = aIn.ReaduInt16();
437 aIn.Ignore( 4 );
438 if( bAllowArrays )
439 {
440 aStack << aPool.StoreMatrix();
441 aExtensions.push_back( EXTENSION_ARRAY );
________________________________________________________________________________________________________
*** CID 1260323: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform8.cxx: 435 in ExcelToSc8::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
429 fDouble = aIn.ReadDouble();
430 aStack << aPool.Store( fDouble );
431 break;
432 case 0x40:
433 case 0x60:
434 case 0x20: // Array Constant [317 268]
>>> CID 1260323: Unused value (UNUSED_VALUE)
>>> Value from "aIn->ReaduInt8()" is assigned to "nByte" here, but that stored value is not used before it is overwritten.
435 nByte = aIn.ReaduInt8();
436 nUINT16 = aIn.ReaduInt16();
437 aIn.Ignore( 4 );
438 if( bAllowArrays )
439 {
440 aStack << aPool.StoreMatrix();
________________________________________________________________________________________________________
*** CID 1260332: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 470 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
464 fDouble = aIn.ReadDouble();
465 aStack << aPool.Store( fDouble );
466 break;
467 case 0x40:
468 case 0x60:
469 case 0x20: // Array Constant [317 268]
>>> CID 1260332: Unused value (UNUSED_VALUE)
>>> Value from "aIn->ReaduInt8()" is assigned to "nByte" here, but that stored value is not used before it is overwritten.
470 nByte = aIn.ReaduInt8();
471 nUINT16 = aIn.ReaduInt16();
472 aIn.Ignore( (meBiff == EXC_BIFF2) ? 3 : 4 );
473 if( bAllowArrays )
474 {
475 aStack << aPool.StoreMatrix();
________________________________________________________________________________________________________
*** CID 1260325: Unused value (UNUSED_VALUE)
/sc/source/filter/excel/excform.cxx: 471 in ExcelToSc::Convert(const ScTokenArray *&, XclImpStream &, unsigned long, bool, FORMULA_TYPE)()
465 aStack << aPool.Store( fDouble );
466 break;
467 case 0x40:
468 case 0x60:
469 case 0x20: // Array Constant [317 268]
470 nByte = aIn.ReaduInt8();
>>> CID 1260325: Unused value (UNUSED_VALUE)
>>> Value from "aIn->ReaduInt16()" is assigned to "nUINT16" here, but that stored value is not used before it is overwritten.
471 nUINT16 = aIn.ReaduInt16();
472 aIn.Ignore( (meBiff == EXC_BIFF2) ? 3 : 4 );
473 if( bAllowArrays )
474 {
475 aStack << aPool.StoreMatrix();
476 aExtensions.push_back( EXTENSION_ARRAY );
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/211?tab=overview
To manage Coverity Scan email notifications for "libreoffice at lists.freedesktop.org", click http://scan.coverity.com/subscriptions/edit?email=libreoffice%40lists.freedesktop.org&token=d6481d718a775246b2340f282ebe5939 .
More information about the LibreOffice
mailing list